[dns-operations] Diffing tools for zones?
Stephane Bortzmeyer
bortzmeyer at nic.fr
Thu Aug 26 07:55:34 UTC 2010
On Mon, Aug 02, 2010 at 12:09:19PM -0700,
Paul Hoffman <phoffman at proper.com> wrote
a message of 9 lines which said:
> Are there any reasonable tools that know how to look for differences
> in two versions of a modern zone? By "reasonable" I mean "ignores
> changes in NSEC and NSEC3 records and other things that are normal
> in the daily operation of a signed zone".
I don't know if it is reasonable but here is the command-line I
currently use in my scripts. Note the memories it includes:
grep -E -v ';(File (start|end)|(End of file)|(serial))|^[^[:space:]]+[[:space:]]+[0-9]+[[:space:]]+IN[[:space:]]+(RRSIG|SOA|NSEC)[[:space:]]|VRSN-END-OF-ZONE-MARKER-DUMMY-RECORD\.ROOT\.' $1
More information about the dns-operations
mailing list